These 16 Clicker Malware Infected Android Apps Were Downloaded Over 20 Million Times

Products You May Like

As many as 16 malicious apps with over 20 million cumulative downloads have been taken down from the Google Play Store after they were caught committing mobile ad fraud.

The Clicker malware masqueraded as seemingly harmless utilities like cameras, currency/unit converters, QR code readers, note-taking apps, and dictionaries, among others, in a bid to trick users into downloading them, cybersecurity firm McAfee said.


The list of offending apps is as follows –

  • High-Speed Camera (com.hantor.CozyCamera) – 10,000,000+ downloads
  • Smart Task Manager (com.james.SmartTaskManager) – 5,000,000+ downloads
  • Flashlight+ (kr.caramel.flash_plus) – 1,000,000+ downloads
  • 달력메모장 (com.smh.memocalendar) – 1,000,000+ downloads
  • K-Dictionary (com.joysoft.wordBook) – 1,000,000+ downloads
  • BusanBus (com.kmshack.BusanBus) – 1,000,000+ downloads
  • Flashlight+ (com.candlencom.candleprotest) – 500,000+ downloads
  • Quick Note (com.movinapp.quicknote) – 500,000+ downloads
  • Currency Converter (com.smartwho.SmartCurrencyConverter) – 500,000+ downloads
  • Joycode (com.joysoft.barcode) – 100,000+ downloads
  • EzDica (com.joysoft.ezdica) – 100,000+ downloads
  • Instagram Profile Downloader (com.schedulezero.instapp) – 100,000+ downloads
  • Ez Notes (com.meek.tingboard) – 100,000+ downloads
  • 손전등 (com.candlencom.flashlite) – 1,000+ downloads
  • 계산기 (com.doubleline.calcul) – 100+ downloads
  • Flashlight+ ( – 100+ downloads

The Clicker app, once installed and launched, unleashes its fraudulent functionality that enables the malware to covertly visit bogus websites and simulate ad clicks without the victims’ knowledge.


“This may cause heavy network traffic and consume power without user awareness during the time it generates profit for the threat actor behind this malware,” McAfee researcher SangRyol Ryu said.

To further conceal its true motive, the app takes into account the app’s installation time such that the suspicious activity doesn’t kick in within the first one hour of downloading the app. It also incorporates a randomized delay in between to stay under the radar.

The findings arrive two months after McAfee discovered a dozen Android adware apps distributed on the Google Play Store, which harbored a malware strain called HiddenAds that were found to execute automatically without any user interaction.

“Clicker malware targets illicit advertising revenue and can disrupt the mobile advertising ecosystem,” Ryu said. “Malicious behavior is cleverly hidden from detection.”

Cyber Security

Products You May Like

Articles You May Like

The Callisto Protocol PC System Requirements Announced
Tax prep software sent back personal consumer data to Meta and Google, report says
Donald Trump Snubs Twitter After Elon Musk Reactivates Former US President’s Account
ISRO’s RH200 Sounding Rocket Registers 200th Consecutive Successful Launch
New RansomExx Ransomware Variant Rewritten in the Rust Programming Language

Leave a Reply

Your email address will not be published. Required fields are marked *